[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FYI] (Fwd) New Scientist (UK): Hand Over Your Keys

------- Forwarded message follows -------
Date sent:      	Wed, 17 Jan 2001 14:12:26 -0500
To:             	dcsb@ai.mit.edu, cryptography@c2.net
From:           	"R. A. Hettinga" <rah@shipwright.com>
Subject:        	New Scientist (UK): Hand Over Your Keys

--- begin forwarded text

Date:         Wed, 17 Jan 2001 13:31:39 -0500
Reply-To: Law & Policy of Computer Communications
Sender: Law & Policy of Computer Communications
From: Matthew Gaylor <freematt@COIL.COM>
Subject:      New Scientist (UK): Hand Over Your Keys

"The Home Secretary says these powers are necessary for catching drug
dealers and paedophiles."

Pubdate:  Jan 13, 2001
Source: New Scientist (UK)
Page: 51
Copyright: New Scientist, RBI Limited 2001
Contact: letters@newscientist.com
Website: http://www.newscientist.com/
Author: Caspar Bowden


Protecting privacy could soon be more difficult in Britain than
anywhere in the world, warns Caspar Bowden. Internet users may end up
with fewer civil rights than terrorists

[a review of]
"Crypto" by Steven Levy, Viking, $24.95, ISBN 0670859508

SINCE the Second World War, international communications have been
hoovered up from undersea cables and microwave links, and increasingly
from computer networks and mobile phones. Sorted and sanitised, they
become the intelligence reports intended for the eyes only of
government ministers. In Britain, the agency that performs this work
is Government Communications Headquarters (GCHQ) in Cheltenham,

It was here in 1969 that the mercurial scientist James Ellis invented
"public key" cryptography, a revolutionary code that allows secret
communication without sharing a secret key. As a direct consequence,
Britain acquired a new law last year that compels the surrender of
computer passwords, even by people not suspected of any crime. It
means two years in jail if you refuse, and another five if you breach
a secrecy order and complain publicly.

The story of what's brought us to this extraordinary state of affairs
is told in Crypto. Written from an American viewpoint, it relegates
GCHQ to an appendix and begins instead with the independent
rediscovery of public key cryptography in 1975 by Whitfield Diffie, a
Stanford computer scientist. Ever since, Diffie has championed the
public's right to use it to protect individual privacy.

How is it possible to devise a code that does not require the sender's
choice of key to be shared with the receiver of the message? The
answer, realised by both Ellis and Diffie, is for the receiver to
construct a kind of puzzle that the sender uses to scramble messages
in a way that cannot be reversed unless you know the trick of the
puzzle. GCHQ worked out the details (which involve enormous prime
numbers) a few years before Diffie and others in the US. But it was
the Americans who were granted patents on the underlying mathematics.

These algorithms are now fundamental to Internet security and
e-commerce. Before you enter a credit-card number on the Web, there
should be a padlock in the corner of your browser to tell you that all
transactions to the website are now scrambled. In that case, all the
computers of the US National Security Agency (NSA) will not be able
put the pieces back together again.

Whitehall's confederacy of dunces simply did not know what to do with
this invention. Not only did it let the American patents go
unchallenged, it also kept the achievements of the GCHQ scientists an
official secret until 1998. The US successfully prevented the
proliferation of these techniques for more than a decade, using export
controls, until a computer program called Pretty Good Privacy (PGP)
found its way onto the Internet in 1991. Its author, Phil Zimmerman,
was arrested for "munitions smuggling", and prolonged Kafkaesque
investigations made him an Internet folk hero. Ironically, he was
motivated by worries about computer networks becoming embedded in
society, and the totalitarian consequences if these were
systematically exploited for surveillance.

Last year, Britain belatedly abandoned an Orwellian scheme for "key
escrow", which would have meant the prior deposit of everyone's keys
with government. But now it has the Regulation of Investigatory Powers
(RIP) Act 2000. Any public authority can demand keys, and can even
keep this a secret by using a gagging order "to protect investigative
methods". The only redress will be through a complaints tribunal that
can hear secret evidence which cannot be cross-examined. These powers
are due to be activated in October 2001, when the next general
election should be safely out of the way.

The RIP Act can also require Internet service providers to install
"black boxes" that relay Internet wiretaps direct to the MI5 building,
home of the British security service. The Home Secretary says these
powers are necessary for catching drug dealers and paedophiles. But
this will leave every Internet user with fewer civil rights and
safeguards than are now enjoyed by terrorist suspects or asylum
seekers (and for this Home Secretary that is saying something). Even
more staggeringly, a leaked submission from the police and
intelligence agencies to the Home Office recently revealed that they
aspire to a seven-year computerised archive logging all phone calls,
e-mails and web browsing. When online, this amounts to surveillance of
your stream of consciousness without a warrant.

Crypto is a well-researched book. Its one flaw is its exclusively
American perspective, which means that it overlooks the most
repressive Internet legislation anywhere in the world: the RIP Act

Caspar Bowden is director of the
Foundation for Information Policy Research

**** Subscribe to Freematt's Alerts: Pro-Individual Rights Issues Send
a blank message to: freematt@coil.com with the words subscribe FA on
the subject line. List is private and moderated (7-30 messages per
month) Matthew Gaylor, 2175 Bayfield Drive, Columbus, OH 43229 (614)
313-5722     Archived at http://www.egroups.com/list/fa/

For Listserv Instructions, see http://www.lawlists.net/cyberia
Off-Topic threads: http://www.lawlists.net/mailman/listinfo/cyberia-ot
Need more help? Send mail to: Cyberia-L-Request@listserv.aol.com

--- end forwarded text

R. A. Hettinga <mailto: rah@ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44
Farquhar Street, Boston, MA 02131 USA "... however it may deserve
respect for its usefulness and antiquity, [predicting the end of the
world] has not been found agreeable to experience." -- Edward Gibbon,
'Decline and Fall of the Roman Empire'

------- End of forwarded message -------